package com.awenhui.demo.config.shiro;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SaltedAuthenticationInfo;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.util.ByteSource;
import org.omg.CORBA.PUBLIC_MEMBER;

/**
 * 自定义密码比对规则
 * @author yuxf
 * @version 1.0
 * @date 2021/6/25 10:28
 */
public class MyCredentialsMatcher implements CredentialsMatcher {

    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {

        String clientPwd = token.getCredentials().toString();//客户端提交的密码
        Object backPwd = info.getCredentials();//数据库中的密码(realm中获取)
        ByteSource salt=null;
        //获取盐值
        if (info instanceof SaltedAuthenticationInfo) {
            salt = ((SaltedAuthenticationInfo) info).getCredentialsSalt();
        }
        //实现自己的密码比对规则
        //...
        return clientPwd.equals(backPwd);
    }

}
